GhostPost Privacy Policy
Effective Date: December 15, 2025
GhostPost (“GhostPost”, “we”, “us”, or “our”) is committed to protecting user privacy and maintaining a transparent approach to data handling. This Privacy Policy describes what information we collect, how we use it, how it is stored, and the choices available to you. This policy applies to all users of the GhostPost mobile application and website (the “Service”).
By accessing or using GhostPost, you acknowledge that you have read and understood the practices described in this Privacy Policy.
GhostPost is designed around privacy-first principles. We do not require personal accounts, emails, phone numbers, or real names. Our platform is engineered to minimize data collection and ensure that identities cannot be linked to posted content.
We follow a Zero-Knowledge design philosophy: we intentionally limit the information we have about you to the minimum necessary for the Service to function.
We do not collect or store:
Email addresses
Phone numbers
Names
Passwords
Government IDs
Contact lists
Advertising identifiers (unless explicitly disclosed, and currently we do not use them)
We do not create or maintain public profiles for any user.
Upon first use, the app generates a random, anonymous unique identifier (UUID) stored locally on your device.
Purpose: To associate your posts and votes with a persistent identity without revealing who you are.
Storage: Remains only on your device unless included with content you submit.
Recovery: If you uninstall or clear the app’s data without saving your Recovery Key, your history cannot be restored.
3.2 Location Data
GhostPost may request access to your device’s location solely for the purpose of delivering hyper-local content.
Processing:
GPS coordinates are converted into a general area (e.g., “Brooklyn, NY”).
Precise coordinates are not stored or retained.
Storage:
Only the text-based region (city/neighborhood) may be attached to your post.
We do not build a location history.
User Choice:
You may deny location permissions.
You may use “Manual Search” mode to browse locations without sharing your device location.
3.3 Content You Submit
We store only the content you create, such as:
Questions
Answers
Polls
Votes and Reports (stored locally on your device)
Posts are public and viewable by other users. Important: Do not include sensitive or personal information in your posts.
3.4 Device Storage Data
We store the following only on your device’s local storage:
Cryptographic keys (Secret Key)
Recovery Key (if generated)
Your voting and reporting history
If this data is erased, it cannot be restored by us.
3.5 Automatically Collected Technical Data (Minimal)
To maintain app functionality and security, we may automatically collect:
Basic device information (model, OS version)
App version
Crash logs and diagnostic data
We do not collect device identifiers such as IMEI or MAC addresses. Crash logs are anonymized.
We use the minimal data we collect to operate and improve the Service:
Deliver local, relevant content
Prevent duplicate voting or abuse
Maintain community integrity
Diagnose performance issues
Improve app stability and security
We do not sell personal data. We do not use your data for behavioral advertising.
Your cryptographic keys and activity history never leave your device.
If you uninstall or clear data, this information is permanently lost.
5.2 On Our Servers
We store:
Posts (questions, answers, polls)
Public metadata (city or neighborhood name attached to posts)
Server data is encrypted in transit and at rest. We intentionally store no personal identifiers.
We may rely on trusted third parties for:
Hosting and cloud infrastructure
Location and geocoding services
Security and performance monitoring
All selected providers must meet high standards for data security and privacy. We do not permit third parties to use data for unrelated marketing or profiling.
GhostPost is not intended for individuals under 13 years of age (or the minimum age required by local law). We do not knowingly collect data from children. If we become aware of such data, we will delete it promptly.
We retain:
Public posts for as long as they remain relevant to community discussions
Minimal server metadata only as long as necessary to operate the Service
We retain no personal accounts, credential data, or location histories.
You may:
Grant or deny location access at any time
Use Manual Search mode without sharing any coordinates
Post Removal
You may delete your own content unless it has been anonymized or aggregated.
Local Reset
You may reset or clear app data locally; doing so deletes:
Your UUID
Your cryptographic keys
Your voting/reporting history
This action is irreversible without a Recovery Key.
We employ industry-standard safeguards, including:
Secure storage of public content
Encryption in transit (HTTPS/TLS)
Cryptographic identity management
Zero-Knowledge architecture for user identity data
However, no system can guarantee absolute security.
If you access the Service from outside the United States, your data may be processed on servers located in the United States or other jurisdictions. These transfers occur under applicable legal safeguards.
We may update this Privacy Policy to reflect changes in our practices or legal requirements. The “Effective Date” at the top of the policy will indicate when revisions take effect. Continued use of the Service constitutes acceptance of the updated policy.
For any questions about this Privacy Policy or our data practices, please contact us at:
cloudloftcreatives@gmail.com
We will respond to inquiries in a timely manner.